Risk

9/11/2018
02:30 PM
50%
50%

The Key to Stealing a Tesla Model S

A team of hackers finds it's possible to steal a Tesla Model S by cloning the key fob.

The key to stealing a Tesla Model S is cloning the car's existing key fob, according to a team of security researchers at the KU Leuven university in Belgium.

At the Cryptographic Hardware and Embedded Systems conference held this week in Amsterdam, the team will present a paper detailing the process of breaking encryption in the wireless key fobs of the Tesla Model S. It took about $600 in equipment to read signals from the fob of a nearby key, and less than two seconds of computation to learn the cryptographic key, which can be used to drive the car.

"We can completely impersonate the key fob and open and drive the vehicle," says KU Leuven researcher Lennert Wouters in a statement to Wired, which reported on the research. Over nine months, the team learned the Model S keyless system used weak 40-bit cipher encryption for its key fob codes. With those codes, they could try every possible cryptographic key until they found the right one.

Tesla issued an upgraded key fob in response to the findings and says Model S cars sold after June 2018 aren't vulnerable to this type of attack. It also recently gave drivers the option to set a PIN code to be entered on the dashboard before the car can be driven. However, if the PIN code is not enabled or the key fob isn't upgraded with stronger encryption, cars are vulnerable.

The research team believes this type of attack might work on McLaren and Karma cars, as well as Triumph motorcycles, all of which use the Pektron key fob system. However, they were not able to
gain access to those vehicles for testing. McLaren reports it's investigating the problem and, in the meantime, is offering drivers protective key pouches to protect from radio scans.

Read more details here.

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
RDP Ports Prove Hot Commodities on the Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: When they asked me to do a pen test, I wasn't thinking of this!
Current Issue
Flash Poll
How Data Breaches Affect the Enterprise
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17182
PUBLISHED: 2018-09-19
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations...
CVE-2018-17144
PUBLISHED: 2018-09-19
Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.
CVE-2017-3912
PUBLISHED: 2018-09-18
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6690
PUBLISHED: 2018-09-18
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6693
PUBLISHED: 2018-09-18
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...